CVE-2014-0336

Serena Dimensions CM 12.2 build 7.199.0 - Cross-Site Request Forgery via adminconsole/ URI

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that use the user_new_master parameter to the adminconsole/ URI.

References (1)

Core 1
Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/823452

Scores

EPSS 0.0070
EPSS Percentile 48.9%

Details

CWE
CWE-352
Status published
Products (1)
serena/dimensions_cm 12.2 build7.199.0
Published Mar 06, 2014
Tracked Since Feb 18, 2026